Creating and editing GuardDuty log sources
See an overview of GuardDuty services that you have across all Amazon AWS accounts, see which QRadar® GuardDuty log sources are currently set up, and view or edit these log sources.
To modify log source information, ask your administrator to grant you the "Manage Log Sources" permission.
Before you begin
- On the Utilities for configuring AWS services for QRadar tab, click .
- Optional: Filter the log sources by the warnings or errors for each log source. Access the Filters sidebar by clicking the filter icon in the upper left of the view page.
- Click Create in the QRadar Log Source column, complete the parameters, and click Submit.
- Optional: To edit a log source, click the link of the log source name in the QRadar Log Source column, click Edit, and complete the configuration window that opens. Click Submit when you're finished.
To delete a log source, click the link of the log source name in the
QRadar Log Source column, and then click Delete in the
Log Source Summary.
You cannot undo the action.